Alibaba Cloud Service Mesh (ASM) is a fully managed service mesh platform. ASM is compatible with the open source Istio service mesh of the Istio community. ASM allows you to manage services in a simplified manner. For example, you can use ASM to route and split inter-service traffic, secure inter-service communication with authentication, and observe the behavior of services in meshes. This way, you can greatly reduce your workload in development and O&M.

Architecture

The following figure shows the architecture of ASM.

ASM architecture

ASM integrates and manages all components on the Istio control plane to simplify your use of ASM. This way, you can focus on application development and deployment. In addition, ASM is compatible with the Istio community. You can use declarative parameters to define flexible routing rules, and centrally manage traffic between services in a mesh.

An ASM instance with the managed control plane supports application services from multiple Kubernetes clusters or application services that run in elastic container instance pods. You can also deploy non-Kubernetes services, such as services that run on virtual machines or bare metal hosts, into the same service mesh.

Benefits

ASM builds the managed and unified service mesh capabilities in core scenarios, such as hybrid cloud, multi-cloud, multi-cluster, and non-containerized application migration. ASM provides you with the following benefits:

  • Centralized management mode

    ASM manages application services that run in managed, dedicated, and serverless clusters of Container Service for Kubernetes (ACK) and registered clusters in hybrid cloud and multi-cloud environments in a centralized manner. This provides unified observability and throttling for application services.

  • Centralized traffic management

    ASM centrally manages the traffic between application services that are deployed in a hybrid environment where containers and virtual machines coexist.

  • Managed core components of the control plane

    ASM manages core components of the Istio control plane. This helps minimize your resource overhead and O&M costs.

Instance types

ASM provides two editions of instances: Standard Edition and Professional Edition. Professional Edition extends the features of Standard Edition to enhance multi-protocol support and dynamic extension capabilities, provide fine-grained service governance, and improve the zero-trust security system. In addition, Professional Edition enhances performance, provides better support for large-scale clusters, and simplifies the use of service meshes in production environments. Professional Edition is applicable to scenarios in which you require cross-language interoperability and fine-grained service governance and want to apply the service mesh technology in production environments on a large scale.

Professional Edition is in public preview. The following table describes the features of Standard Edition and Professional Edition. You can create different editions of instances based on your needs.
Feature Standard Edition Professional Edition
Core features of the open source Istio service mesh of the Istio community ✔️ ✔️
Centralized management of ACK clusters, Serverless Kubernetes (ASK) clusters, and clusters of external containers, and Elastic Compute Service (ECS) instances ✔️ ✔️
Connection to a service registry ✔️ ✔️
Traffic management of Apache Dubbo services ✔️
Collection and monitoring of Apache Dubbo metrics ✔️
No impacts on services when the services go online or offline ✔️
End-to-end tag-based routing ✔️
Canary releases of routing rules ✔️

Learning resources